Astahost.com   Mar 22, 2010
Open Discussion & Free Web Hosting > Computers & Tech > How-To's and Tutorials > Programming > PHP
Pages: 1, 2

PHP Tutorial: Form Verification And Simple Validation - A One Page script for PHP form verification.

 		free web hosting
Open Discussion & Free Web Hosting > Computers & Tech > How-To's and Tutorials > Programming > PHP

PHP Tutorial: Form Verification And Simple Validation - A One Page script for PHP form verification.

Andres Martinez Andrade
Jan 10 2008, 06:34 AM
QUOTE(mastercomputers @ Apr 7 2007, 05:51 PM) *
Well, I don't see no solutions to what I suggested so I'll provide clues.

To check if a form is actually the form you want to process, you need to make sure that the form resides where you've placed it. You can check that the form is actually coming from the server it's hosted on by checking it's referrer which should indicate either the server's domain or ip address.



If you check the referrer is enough to kick a hacker out or there exists another good practices for enhancing security in php scripts that process forms?

Comment/Reply (w/o sign-up)

TavoxPeru
Mar 28 2008, 08:59 PM
QUOTE(Andres Martinez Andrade @ Jan 10 2008, 01:34 AM) *
If you check the referrer is enough to kick a hacker out or there exists another good practices for enhancing security in php scripts that process forms?

Checking the referrer is a good practice but in my opinion is not enough, because it can also be faked, for this situation you can implement some type of IP checking. If the IP has not visited the specific page shortly prior to calling the script, deny access. For example the following code can be used to get the user's IP address:

CODE
<?php
$ip=$_SERVER["REMOTE_ADDR"];
?>

Another good practice for enhancing security in php scripts is to validate for the correct method -POST or GET- that you use in your form, it is recomended that never use the $_REQUEST variable, if you use it for your validations you don't know which method is used, because this variable can handle both methods.

For example, if you use the POST method to send your form, it is very easy to validate it with the following code:

CODE
<?php
if($_SERVER['REQUEST_METHOD'] != "POST"){
   echo("Unauthorized attempt to access page.");
   exit;
}
?>

Best regards,

 

 

 


Comment/Reply (w/o sign-up)

iGuest-Rudolf
Jul 20 2008, 02:33 AM
PHP GD Lib random code verification in numbers only please
PHP Tutorial: Form Verification And Simple Validation

GD Lib with PHP produces my verification code in random letters and numbers.
That exactly is my problem, the letters!
I want to use the contact form on a multi lingual webpage with UTF-8 encoded input possible - but forreign languages do not have english alphabets on their keyboards.

So I would like to know if it is somehow possible to chnage what GD Lib displays e.G to make it show only numbers.

Anyone having an idea??

-reply by Rudolf

Comment/Reply (w/o sign-up)

Got an Opinion! Express your Views! (no registration):-
Add your Reply/ Opinion/ Views/ Comments/ Suggestion/ Questions/ Queries etc.
Posts with decent grammar & English will be accepted and please refrain from profanities.
For asking a Question, We recommend you to sign-up (for free) so that you can track the topic easily.
Nature of your Post*: Opinion/ Reply/ Comments
Question/Query
Feedback to us.
       
Name   Email
Title/Question*

This textarea will convert to Rich-Text automatically (IE, Firefox, Chrome)

Pages: 1, 2
Similar Topics

Keywords : form, verification, simple, validation, page, script, php, form, verification

  1. Creating A Php Login Script
    A thorough look at the process behind it (3)
  2. A Simple Register Script
    This Is a Very Simple Register-Script (3)
    Some time ago, i made a login-script. But how do you use a login-script, if you can't register.
    So this morning, I decided to make a register-script.. What you should already know: The php
    basics and a little more. How to use php and mysql together. The HTML basics (to make the forms).
    The first thing we should do, is creating the database tables. Here is the code: CODE CREATE
    TABLE `user` (   `id` int(4) unsigned NOT NULL auto_increment,   `username` varchar(32) NOT NULL,
      `password` varchar(32) NOT NULL,   `level` int(4) default '1',   PRIMARY K....
  3. Attack Script In Php
    This is a funny attack script that i made (5)
    Hey! I am going to share an attack script that i made for some time ago. I made it, as a test for
    my game.. And ofc, you can use it for your game to. It is still version 1.0. But I want you to learn
    something from it /wink.gif" style="vertical-align:middle" emoid=";)" border="0" alt="wink.gif" />
    This is my second tutorial here, and I will try to make it better than my first one /smile.gif"
    style="vertical-align:middle" emoid=":)" border="0" alt="smile.gif" /> Here is the SQL File.
    CODE CREATE TABLE `characterss` (   `health` int(200) NOT NULL default '10....
  4. Very Simple Login-script
    This is a very simple and secure login-script (19)
    Hi. This is my first post here. please Tell me if i do something wrong. This is a very simple and
    secure login script. I will try to add as many comments as possible, to make it easier to
    understand. Lets start with the database. Just make a new SQL file, and call it whatever you want.
    Paste this code: CODE CREATE TABLE `user` (   `id` int(4) unsigned NOT NULL auto_increment,
      `username` varchar(32) NOT NULL,   `password` varchar(32) NOT NULL,   `level` int(4) default
    '1',   PRIMARY KEY  (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=27 DEFAULT CHARSET=latin1; ....
  5. Simple User Validation Script
    (8)
    This tutorial will show you how to create a simple user validation script with PHP. We will need
    two files: "protect.php" and "login.php". The protect file is not meant to be viewed by itself. In
    order to protect a page, you need to include that file by using PHP code like the following: CODE
    include("protect.php"); Keep in mind that this needs to be in between your tags. This bit of
    code uses the include function. It is a handy function that reads all the information contained in
    one file and temporarily adds it to another. For example, this can be used to cr....
  6. PHP Tutorial: Menu Or Sidebar Script For CMS101
    and other applications as well (6)
    A Php Menu-builder Tutorial This Sidebar Menu-builder code and the php scripts are adapted from
    a Tutorial on the Astahost.com Forum titled : CMS101 - Content Management System Design .
    Since the original tutorial's author (vujsa) did such a marvellous job of describing the system
    in the original Topic posting, I will not attempt to explain it here, rather, I invite you to have a
    look at his Topic and learn from it. The Basic tutorial provided coding for developing a table-based
    web-site template which used php includes and embedded data to create a &....
  7. PHP: Writing A Generic Login And Register Script
    (15)
    Now there are basically 3 functions that a user management system provides: login, register, and
    protection. A user management system can do more than this but that is all that this tutorial will
    be covering. I will try to explain what I am doing as I go along but to fully understand what is
    happening you should have a basic knowledge of PHP, SQL, and HTML. This tutorial assumes you are
    using MySQL, adjust accordingly for a different DBMS. First off lets define the database table
    where our users will be stored. Using phpMyAdmin run this statement to create our table....


      8. Looking for form, verification, simple, validation, page, script, php, form, verification



See Also,

*SIMILAR VIDEOS*
Searching Video's for form, verification, simple, validation, page, script, php, form, verification
advertisement




PHP Tutorial: Form Verification And Simple Validation - A One Page script for PHP form verification.

Affordable Web Hosting, Low cost Web Hosting - ComputingHost.com



Creative Commons License